Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

• Two men were arrested in Torrance, California, August 30 for
their roles in an $85,000 ATM skimming scheme. – Southern California City
News Service

2. August 31,
Southern California City News Service – (California) Duo arrested in
widespread LA ATM machine skimming scam. Two men were arrested in Torrance,
California, August 30 for their roles in an $85,000 ATM skimming scheme where
the duo installed skimming devices on ATM machines in Burbank and elsewhere in
Los Angeles County and stole the account information from over 50 bank
customers to create cloned ATM cards and withdraw cash from other ATMs in the
county. Officials discovered an additional $233,000 in declined transactions
attempted by the duo.

• About 209 patients were evacuated from the Regional Medical
Center Bayonet Point in Hudson, Florida, August 31 following an electrical fire
in a generator room that knocked out power to the hospital. – WFLA 8 Tampa

10. September
1, WFLA 8 Tampa – (Florida) Electrical fire forces Florida hospital to evacuate
as Tropical Storm Hermine nears. A total of 209 patients were evacuated
from the Regional Medical Center Bayonet Point in Hudson, Florida, August 31
following an electrical fire in a generator room that knocked out power to the
hospital. Officials stated nearly 50 patients were transferred to Oak Hill
Hospital in Brooksville and the other patients were transported to regional
facilities. Source: http://wsav.com/2016/09/01/electrical-fire-forces-florida-hospital-to-evacuate-as-tropical-storm-hermine-nears/

• More than 1,500 fire fighters reached 8 percent containment
August 31 of the 17,302-acre Gap Fire burning in the Klamath National Forest
between Yreka, California, and Happy Camp in Siskiyou County. – Redding
Record Searchlight

• Kimpton Hotel & Restaurant Group, LLC officials confirmed
August 31 that credit and debit cards used at more than 60 restaurants and
hotel reception desks from February 2016 – July 2016 may have been compromised
by malware. – Krebs on Security

17. September
1, Krebs on Security – (National) Kimpton Hotels acknowledges data breach. Officials
from the Kimpton Hotel & Restaurant Group, LLC confirmed August 31 that
malware detected on payment terminals may have compromised credit and debit
cards used at more than 60 restaurants and hotel reception desks from February
16, 2016 – July 7, 2016. The source and extent of the breach remains under
investigation.

2. August 31,
Southern California City News Service – (California) Duo arrested in
widespread LA ATM machine skimming scam. Two men were arrested in Torrance,
California, August 30 for their roles in an $85,000 ATM skimming scheme where
the duo installed skimming devices on ATM machines in Burbank and elsewhere in
Los Angeles County and stole the account information from over 50 bank
customers to create cloned ATM cards and withdraw cash from other ATMs in the
county. Officials discovered an additional $233,000 in declined transactions
attempted by the duo.

13. September
1, SecurityWeek – (International) Betabot starts delivering Cerber ransomware. Security
researchers from Invincea discovered the Betabot ransomware began carrying out
a second-stage payload where the malware delivers the Cerber ransomware on the
endpoint of a compromised machine after stealing user passwords in the
first-stage, in order for the malware operators to increase their profits.
Researchers also found the ransomware was being delivered by the Neutrino
exploit kit (EK) and stated the malware avoids detection and analysis through
virtual machine awareness and by checking for sandboxes. Source: http://www.securityweek.com/betabot-starts-delivering-cerber-ransomware

14. September
1, SecurityWeek – (International) Cisco fixes severe flaw in WebEx, small
business products. Cisco released software and firmware updates addressing
several vulnerabilities in its WebEx Meetings Player version T29.10 for WebEx
Recording Format (WRF) files after a COSIG security researcher discovered a
critical flaw that could allow an unauthenticated attacker to execute arbitrary
code remotely by tricking a user to open a specially crafted file, and a medium
severity vulnerability that could allow an unauthenticated attacker to remotely
crash the program by convincing the user to access a malicious file. Cisco also
released fixes for three denial-of-service (DoS), cross-site request forgery
(CSRF), and cross-site scripting (XSS) issues plaguing its Small Business 220
Series Smart Plus (Sx220) switches that could allow a remote, unauthenticated
attacker to gain access to Simple Network Management Protocol (SNMP) objects on
a compromised device. Source: http://www.securityweek.com/cisco-fixes-severe-flaws-webex-small-business-products

15. September
1, Softpedia – (International) Vulnerability in Yandex browser allows
attackers to steal victims’ browsing data. A security researcher from
Netsparker discovered the login form of the Yandex Browser was plagued with a
cross-site forgery request (CSRF) vulnerability that could allow an attacker to
steal a victim’s passwords, bookmarks, autocomplete info, and browser history,
among other data, by convincing a user to visit a malicious Website that
includes code to create a Yandex Browser data sync login form and submits the
information with the attacker’s credentials, thereby starting an automatic
syncing process that sends a copy of the user’s data to the attacker.

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"